Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ansel | ansel | 1.2 |
| ansel | ansel | 1.4 |
| ansel | ansel | 2.0 |
| ansel | ansel | 1.3 |
SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ansel | ansel | 1.2 |
| ansel | ansel | 1.1 |
| ansel | ansel | 1.4 |
| ansel | ansel | 2.0 |
| ansel | ansel | 2.1 |
| ansel | ansel | 1.3 |
| ansel | ansel | 1.0 |